Instructor: Dr. William H. Winsborough
Class Periods: MW 5:30 - 6:45pm Lecture Hall: SB 3.01.04
Instructor Office: HSS 4.02.52
Office Hours: MW 4-5:15pm and by appointment
Phone: (210) 458-5659
Email Address: winsboro at cs dot utsa dot edu

Course Description Trust management is an approach to designing authorization systems for use in decentralized environments, such as business partnerships or coalition operations, and open systems, such as the Internet. Owing to the scale of these contexts, resources (such as files, software, or computing equipment) need to be shared selectively with resource requesters (such as users, servers, or processes) with whom the resource owner may not have a prior, existing relationship. Consequently, access control policies must be able to utilize information from various sources about resource requesters, and make decisions about who gets access by combining such information appropriately and securely. This class will study practical and theoretical issues in design and construction of trust management systems. It will also study other, more centralized access control systems, such as role-based access control, for the purpose of understanding the strengths and weaknesses of the various approaches to managing authorization. In addition, the course will consider emerging tools and techniques that can be used by authors of access-control policy authors to ensure that policy objectives are met.

Course Syllabus: http://www.cs.utsa.edu/~winsboro/teaching/CS6463-S06/Syllabus.htm

Papers

• January 23 and 25: Peter Gutmann, University of Auckland. PKI: It’s Not Dead, Just Resting
• January 30 and February 1: Matt Blaze, Joan Feigenbaum, and Jack Lacy. Decentralized Trust Management. In Oakland, 1996.
• February 6 and 8: M. Blaze, J. Feigenbaum, J. Ioannidis, and A. Keromytis. The KeyNote Trust-Management System Version 2. Network Working Group RFC 2704, September 1999.
• February 13 -- March 1: N. Li, W. Winsborough, and J. C. Mitchell. Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security, 11(1):35-86. February 2003.
• March 6 and 8: N. Li, J. C. Mitchell, and W. Winsborough. Design of a Role-Based Trust Management Framework. Proceedings of the 2002 IEEE Symposium on Security and Privacy (Oakland), May 2002. Extended synopsis is optional (due March 29).
• March 27: N. Li, J. C. Mitchell, and W. Winsborough. Beyond Proof of Compliance: Security Analysis in Trust Management . JACM, 2004. No preliminary synopsis required. Extended synopsis is required and due April 5.
• April 3: Krzysztof R. Apt. Logic Programming . Handbook of theoretical computer science, Elsevier 1990. Read sections 1, 2.1-3, 3.1-6. No preliminary or extended synopsis required.
• April 17: Ninghui Li and John C. Mitchell. Datalog with Constraints: A Foundation for Trust-management Languages . In Proceedings of the Fifth International Symposium on Practical Aspects of Declarative Languages (PADL 2003), LNCS 2562, Springer, pp. 58--73. No preliminary synopsis required.

• This is the paper I mentioned in class 3/1/06. It is with Sandro Etalle, who spoke in class 2/15/06. Etalle and Winsborough.

• 1/18/06
• 1/30/06
• 2/1/06
• 2/6/06
• 2/13/06
• 2/15/06
• 2/20/06
• 2/27/06